For businesses large and small, relying on a cloud-based collaboration and productivity suite such as Microsoft Office 365 is becoming the norm. Enhancing productivity in your organisation is vital to get ahead in 2017 - and using Office 365 can help, if it's used right...

Bugs being actively hit with targeted attacks, warns research community

Microsoft has released three critical fixes addressing flaws in Windows, Windows .Net framework and Internet Explorer, some of which are being actively exploited by hackers in the wild.

The Windows critical patch fixes two flaws in the operating system's kernel that leave customers open to remote code execution attacks.

"The more severe of the vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or to visit an untrusted website that contains embedded TrueType fonts," said the Microsoft Security Bulletin Summary for October 2014.

"In all cases, however, an attacker would have no way to force users to perform these actions. Instead, an attacker would have to persuade users to do so, typically by getting them to click a link in an email or instant message."

"The FireEye Labs team has identified two new zero-day vulnerabilities as part of limited, targeted attacks against some major corporations. Both zero-days exploit the Windows Kernel," reported FireEye.

The Internet Explorer and .Net critical flaws are listed as potentially just as bad and could theoretically be used by hackers to mount remote execution attacks. There is currently no word on whether they are being actively exploited in the wild.

Microsoft also released five 'important' fixes for various Windows, Office and application bugs.